Adobe patches Flash zero-day used in foreign ministry attacks

Adobe has released an emergency patch for Flash zero-day vulnerabilities that have been exploited in the wild in attacks on foreign affairs ministries.

Adobe has been no stranger to Flash zero-day exploits in recent months, but the newest vulnerabilities to be fixed with an emergency patch have reportedly been used in targeted attacks against foreign affairs ministries in a spear-phishing campaign, called Operation Pawn Storm.

Adobe acknowledged the flaws and released bulletin APSB15-27, which fixes a few critical vulnerabilities, including CVE-2015-7645 used in Pawn Storm, according to Trend Micro Inc.

In the attacks, high-profile political targets at NATO and the White House, as well as in Ukraine and Russia, received emails with what appeared to be headlines for current events. However, the links directed either to malicious Adobe Flash SWF files or to fake Outlook Web App login pages.

Google alerted Adobe to the Flash vulnerability on Sept. 29, about two weeks before exploits were seen in the wild.

Jean Taggart, senior security researcher for Malwarebytes Labs in San Jose, Calif., said it is time for enterprises and especially government agencies to move on from Flash.

"Everyone should be migrating to HTML5 as fast as possible -- governments even more so," Taggart said. "Flash is one, if not the preferred attack vector for malicious actors. Everyone should disable it, or at the very least, employ some anti-exploit mitigation mechanism."

Taggart admitted that the cost and difficulty of transitioning away from Flash can vary considerably, but organizations and government agencies at least need to have a plan in place and be aware of the issues that may arise.

"There are exploit mitigation programs that can be deployed if the migration is expected to be lengthy, but Flash has become a technology where the risks outweigh the benefits," Taggart said. "Having personally used [Flash on-demand] technologies, I can attest that your browsing experience is fundamentally changed. I understand sysadmins would not relish the queue of complaint tickets deploying a 'play-on-demand' solution would generate. It is better to concentrate on migrating to HTML5."


Join the conversation

What is your organization's plan for moving on from Adobe Flash?
A lot of old school methods are no longer viable in today's world. The risks outweigh the benefits. It looks like HTML 5 will be the way to go. I have also seen where other browsers are dropping support for other plugins due to plugins using outdated processes or those that are no longer supported. We just got too comfortable with the old way and this is our wake-up call to move forward.

This is not a new problem. The more attention that it gets, the more issues we will see. Those who knew nothing about the exploit may try and use it themselves. It's like an Easter egg in a game. Once it's found and broadcast to the world, those who knew nothing will go back and check it out. Granted, this needs to be fixed ASAP; my concern is how bad will our internet surfing be until the switch to HTML5. If I am responsible for my company's presence on the web you can bet it would get fixed pronto. You do not want to lose customers with a poorly functioning site to deliver media. They may go elsewhere and never return.